basic auth для веб-интерфейса

htpasswd -bc '/usr/local/Reductor/userinfo/hooks/nginx_htpasswd' 'admin' 'yourpassword'

# Configuration for Nginx
server {
        listen 10.50.140.230:8080;

# Serve a static file (ex. favico) outside static dir.
        location = /favico.ico  {
                root /app/favico.ico;
        }

# Proxying connections to application servers
        allow 10.50.140.222;
        deny all;
        location / {
                proxy_set_header X-Real-IP  $remote_addr;
                proxy_set_header X-Forwarded-For $remote_addr;
                proxy_set_header Host $host;
                proxy_pass http://127.0.0.1:8085;
        }
}

# Configuration for Nginx
server {
        listen 10.50.140.230:8080;

# Serve a static file (ex. favico) outside static dir.
        location = /favico.ico  {
                root /app/favico.ico;
        }

# Proxying connections to application servers
        allow 10.50.140.222;
        deny all;
        location / {
                auth_basic "Not Found 404"; # текст сообщения сервера с предложением ввести пароль
                auth_basic_user_file /usr/local/Reductor/userinfo/hooks/nginx_htpasswd; # путь к htpasswd файлу

                proxy_set_header X-Real-IP  $remote_addr;
                proxy_set_header X-Forwarded-For $remote_addr;
                proxy_set_header Host $host;
                proxy_pass http://127.0.0.1:8085;
        }
}

#!/bin/bash

client_post_start_hook() {
        echo "- Включаем basic auth в nginx"
        cp -a $HOOKDIR/nginx_reductor.conf /etc/nginx/conf.d/
        service nginx reload || service nginx restart || true
}

chmod a+x /usr/local/Reductor/userinfo/hooks/start.sh

service reductor restart